sjkp / letsencrypt-azure

The easiest way to use lets encrypt certificates on Azure

Old Certificate Cleanup > 800 certificates causes acquiring new ones to fail #29

Open DanielStout5 opened 3 years ago

DanielStout5 commented 3 years ago

We sometimes get this error:

Creating the resource of type 'Microsoft.Web/certificates' would exceed the quota of '800' resources of type 'Microsoft.Web/certificates' per resource group. The current resource count is '800', please delete some resources of this type before creating a new one.

It seems that the site extension doesn't delete the old expired certificates.

We run this command periodically to delete the old expired certificates:

# Enumerate every App Service certificate the current context can see (all resource groups
# in the selected subscription) and include the properties so expirationDate is populated.
$certs = Get-AzResource -ResourceType Microsoft.Web/certificates -ExpandProperties
foreach ($cert in $certs)
{
    # Delete only certificates whose expiry date is already in the past.
    if ((Get-Date $cert.Properties.expirationDate) -le (Get-Date))
    {
        Remove-AzResource -ResourceId $cert.ResourceId -Verbose -Confirm:$false -Force
    }
}

But it would be nice if that kind of cleanup was included in the site extension somehow

micheltriana commented 3 years ago

Hi @DanielStout5, how/where do you run this script against Azure? I tried running it in the Azure Cloud Shell, and it didn't run without lots of mods and additional params, and even then we are getting "UnsupportedResourceOperation : The resource type 'certificates' does not support this operation.". How are you running this script? Thanks!

stevesinchak commented 2 years ago

@micheltriana you have to build this into a powershell script. Here is my adaptation of the code above:

First the prerequisites:

Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

Next, the actual ps1 script:

# Az.Resources provides Get-AzResource / Remove-AzResource.
Import-Module Az.Resources

# Interactive login; use a service principal or managed identity if this runs unattended.
Connect-AzAccount

# Pin the subscription so the script does not act on whichever one is the default.
Set-AzContext -Subscription "<your subscription guid>"

# -ExpandProperties is required; without it $cert.Properties (and expirationDate) is empty.
$certs = Get-AzResource -ResourceType Microsoft.Web/certificates -ExpandProperties
foreach ($cert in $certs)
{
    if ((Get-Date $cert.Properties.expirationDate) -le (Get-Date))
    {
        Remove-AzResource -ResourceId $cert.ResourceId -Verbose -Confirm:$false -Force
    }
}

The process is kind of slow; it will take a while to delete all the old expired certs. Would be nice if this were cleaned up when a cert is renewed.
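The two scripts above delete every expired `Microsoft.Web/certificates` resource in the whole subscription. The following is an added example (not code from the letsencrypt-azure project or from the commenters) of the same cleanup done the way a practitioner would usually want it: scoped to one resource group, with a `-WhatIf` dry run, and skipping any expired certificate that is still referenced by a hostname SSL binding on a web app so the binding is not left pointing at a deleted certificate. It assumes the `Az.Accounts`, `Az.Resources` and `Az.Websites` modules are installed and a `Connect-AzAccount` session already exists; the resource group name `my-rg` is a placeholder.

```powershell
# Added example, not part of the original issue or the letsencrypt-azure site extension.
# Assumes Az.Resources and Az.Websites are installed and Connect-AzAccount has been run.
function Remove-ExpiredWebCertificate {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)]
        [string]$ResourceGroupName,

        # Only certificates that expired at least this many days ago are removed; 0 = any expired cert.
        [int]$GraceDays = 0
    )

    # Collect thumbprints that are still bound to a hostname on any web app in the group.
    # An expired certificate with a live binding is reported, not deleted: rebind first, then re-run.
    $boundThumbprints = @{}
    foreach ($app in Get-AzWebApp -ResourceGroupName $ResourceGroupName) {
        foreach ($state in $app.HostNameSslStates) {
            if ($state.Thumbprint) {
                $boundThumbprints[$state.Thumbprint.ToUpperInvariant()] = $app.Name
            }
        }
    }

    # -ExpandProperties is needed so expirationDate and thumbprint are present on each resource.
    $certs = @(Get-AzResource -ResourceGroupName $ResourceGroupName `
                  -ResourceType 'Microsoft.Web/certificates' -ExpandProperties)
    $cutoff = (Get-Date).AddDays(-$GraceDays)
    $result = [ordered]@{ Total = $certs.Count; Removed = 0; SkippedBound = 0; Kept = 0 }

    foreach ($cert in $certs) {
        $expires = Get-Date $cert.Properties.expirationDate
        $thumb   = [string]$cert.Properties.thumbprint

        if ($expires -gt $cutoff) {
            $result.Kept++
            continue
        }

        if ($thumb -and $boundThumbprints.ContainsKey($thumb.ToUpperInvariant())) {
            Write-Warning ("Skipping expired certificate {0} (expired {1}): still bound on web app {2}" -f
                $cert.Name, $expires.ToString('u'), $boundThumbprints[$thumb.ToUpperInvariant()])
            $result.SkippedBound++
            continue
        }

        # ShouldProcess honours -WhatIf / -Confirm passed to this function, so a dry run
        # prints every planned deletion without calling Remove-AzResource.
        if ($PSCmdlet.ShouldProcess($cert.ResourceId, "Remove certificate expired $($expires.ToString('u'))")) {
            Remove-AzResource -ResourceId $cert.ResourceId -Force -Confirm:$false | Out-Null
            $result.Removed++
        }
    }

    # 800 is the per-resource-group quota quoted in the error message in this issue.
    $remaining = $result.Total - $result.Removed
    Write-Verbose ("{0} of the 800 Microsoft.Web/certificates quota still in use in {1}" -f $remaining, $ResourceGroupName)
    [pscustomobject]$result
}

# Dry run first, then the real deletion:
# Remove-ExpiredWebCertificate -ResourceGroupName 'my-rg' -WhatIf
# Remove-ExpiredWebCertificate -ResourceGroupName 'my-rg' -Verbose
```

The function returns a summary object (`Total`, `Removed`, `SkippedBound`, `Kept`), so it can be scheduled (for example from an Automation runbook under a managed identity) and its output checked against the 800-per-resource-group limit before the next renewal runs; a non-zero `SkippedBound` means a web app still has a binding to an expired certificate that needs attention on its own.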